tuan2tech 0 Posted June 29 Share Posted June 29 Hi you My purpose is just to allow internal PING to check the connection. I have added vlans in the trusted zone. Is this safe? When other machines on the LAN have a local attack, can ESET still detect it? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted June 29 Administrators Share Posted June 29 By adding IP addresses to the trusted zone you allow file sharing and some other services in the network. For instance, if you add an IP address of an infected machine that doesn't have ESET installed, a possible rasomware running on the machine could encrypt files in other machines' shares. Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted Monday at 02:11 AM Author Share Posted Monday at 02:11 AM So I just want to allow PING, what should I do? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted Monday at 07:58 PM Administrators Share Posted Monday at 07:58 PM Create a custom permissive rule for outbound ICMP communication with ICMP type 8 (echo) and the remote IP addresses outside the trusted zone that should be able to ping the machine. Put this custom rule on top of the default firewall rules: Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted yesterday at 08:37 AM Author Share Posted yesterday at 08:37 AM I created rules as instructed but still can't PING to the destination Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,168 Posted yesterday at 08:41 AM Administrators Share Posted yesterday at 08:41 AM The rule has priority 65, ie. it was not moved on top of the built-in rules. Should the communication be still blocked, you should be able to resolve it though this wizard: Quote Link to comment Share on other sites More sharing options...
tuan2tech 0 Posted yesterday at 09:12 AM Author Share Posted yesterday at 09:12 AM How to set rules to priority number 1, I deploy this policy to many machines at once Quote Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,168 Posted yesterday at 11:12 AM Administrators Solution Share Posted yesterday at 11:12 AM Toggle display of built-in rules Move the rule on top Apply the policy setting using the method "replace" or "prepend" so that these rules take precedence over the existing rules on the clients. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.